Posted to commits@sling.apache.org by ol...@apache.org on 2019/12/08 08:41:34 UTC
[sling-org-apache-sling-commons-crypto] 01/02: SLING-8885 Provide
an extensible crypto implementation based on Jasypt
This is an automated email from the ASF dual-hosted git repository.
olli pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-commons-crypto.git
commit ef071dc17c9d9ded6d3220d87b9d41b1f43477bc
Author: Oliver Lietz <ol...@apache.org>
AuthorDate: Sun Dec 8 01:25:45 2019 +0100
SLING-8885 Provide an extensible crypto implementation based on Jasypt
* Make Jasypt optional
* Improve names and descriptions
* Add configuration defaults
---
bnd.bnd | 23 ++++++++++++++++++
pom.xml | 12 ++++++++++
...yptRandomIvGeneratorRegistrarConfiguration.java | 2 +-
...tRandomSaltGeneratorRegistrarConfiguration.java | 2 +-
.../JasyptStandardPBEStringCryptoService.java | 8 +++----
...tandardPBEStringCryptoServiceConfiguration.java | 28 +++++++++++-----------
.../commons/crypto/it/tests/CryptoTestSupport.java | 1 -
.../it/tests/jasypt/JasyptCryptoTestSupport.java} | 27 ++++++++++-----------
.../JasyptStandardPBEStringCryptoServiceIT.java | 3 +--
9 files changed, 69 insertions(+), 37 deletions(-)
diff --git a/bnd.bnd b/bnd.bnd
index e36a0d6..ba06157 100644
--- a/bnd.bnd
+++ b/bnd.bnd
@@ -1,3 +1,26 @@
+DynamicImport-Package:\
+ org.jasypt.encryption.pbe,\
+ org.jasypt.iv,\
+ org.jasypt.registry,\
+ org.jasypt.salt
+
+Import-Package:\
+ org.jasypt.encryption.pbe;resolution:=optional,\
+ org.jasypt.iv;resolution:=optional,\
+ org.jasypt.registry;resolution:=optional,\
+ org.jasypt.salt;resolution:=optional,\
+ *
+
+Require-Capability:\
+ osgi.service;filter:="(objectClass=org.apache.sling.commons.crypto.PasswordProvider)";effective:=active;resolution:=optional,\
+ osgi.service;filter:="(objectClass=org.jasypt.iv.IvGenerator)";effective:=active;resolution:=optional
+
+-plugin:\
+ org.apache.sling.bnd.plugin.headers.parameters.remove.Plugin;\
+ 'Require-Capability'='osgi.service;filter:="(objectClass=org.apache.sling.commons.crypto.PasswordProvider)";effective:=active',\
+ org.apache.sling.bnd.plugin.headers.parameters.remove.Plugin;\
+ 'Require-Capability'='osgi.service;filter:="(objectClass=org.jasypt.iv.IvGenerator)";effective:=active'
+
-removeheaders:\
Include-Resource,\
Private-Package
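Review bot: The four `DynamicImport-Package` entries at the top of this hunk carry no `version` attribute, so at runtime the bundle can wire to any exporter of the `org.jasypt.*` packages, whatever its version. bnd normally computes a range for the matching `Import-Package` entries, but as far as I know it does not do so for dynamic imports, so this is worth confirming in the generated manifest. For a bundle whose job is encryption, I would pin which library builds may be loaded by giving each entry an explicit range that matches the Jasypt bundle declared in pom.xml, e.g. `org.jasypt.encryption.pbe;version="[<min>,<max>)",\`.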
diff --git a/pom.xml b/pom.xml
index 77afcb2..95b97c0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -51,6 +51,17 @@
<plugins>
<plugin>
<groupId>biz.aQute.bnd</groupId>
+ <artifactId>bnd-maven-plugin</artifactId>
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.sling</groupId>
+ <artifactId>org.apache.sling.bnd.plugin.headers.parameters.remove</artifactId>
+ <version>1.0.0</version>
+ </dependency>
+ </dependencies>
+ </plugin>
+ <plugin>
+ <groupId>biz.aQute.bnd</groupId>
<artifactId>bnd-baseline-maven-plugin</artifactId>
<configuration>
<failOnMissing>false</failOnMissing>
@@ -171,6 +182,7 @@
<artifactId>org.apache.servicemix.bundles.jasypt</artifactId>
<version>1.9.3_1</version>
<scope>provided</scope>
+ <optional>true</optional>
</dependency>
<!-- JSR 305-->
<dependency>
diff --git a/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptRandomIvGeneratorRegistrarConfiguration.java b/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptRandomIvGeneratorRegistrarConfiguration.java
index 6483950..90981c8 100644
--- a/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptRandomIvGeneratorRegistrarConfiguration.java
+++ b/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptRandomIvGeneratorRegistrarConfiguration.java
@@ -24,7 +24,7 @@ import org.osgi.service.metatype.annotations.ObjectClassDefinition;
@ObjectClassDefinition(
name = "Apache Sling Commons Crypto “Jasypt Random IV Generator Registrar”",
- description = "TODO"
+ description = "Registers a Jasypt RandomIvGenerator as service"
)
@interface JasyptRandomIvGeneratorRegistrarConfiguration {
diff --git a/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptRandomSaltGeneratorRegistrarConfiguration.java b/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptRandomSaltGeneratorRegistrarConfiguration.java
index 68c8793..baba6ea 100644
--- a/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptRandomSaltGeneratorRegistrarConfiguration.java
+++ b/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptRandomSaltGeneratorRegistrarConfiguration.java
@@ -24,7 +24,7 @@ import org.osgi.service.metatype.annotations.ObjectClassDefinition;
@ObjectClassDefinition(
name = "Apache Sling Commons Crypto “Jasypt Random Salt Generator Registrar”",
- description = "TODO"
+ description = "Registers a Jasypt RandomSaltGenerator as service"
)
@interface JasyptRandomSaltGeneratorRegistrarConfiguration {
diff --git a/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptStandardPBEStringCryptoService.java b/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptStandardPBEStringCryptoService.java
index 46e5107..c78e385 100644
--- a/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptStandardPBEStringCryptoService.java
+++ b/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptStandardPBEStringCryptoService.java
@@ -63,7 +63,7 @@ public class JasyptStandardPBEStringCryptoService implements CryptoService {
@Reference(
cardinality = ReferenceCardinality.OPTIONAL
)
- private volatile Provider provider;
+ private volatile Provider securityProvider;
@Reference(
cardinality = ReferenceCardinality.OPTIONAL
@@ -111,10 +111,10 @@ public class JasyptStandardPBEStringCryptoService implements CryptoService {
// optional
encryptor.setKeyObtentionIterations(configuration.keyObtentionIterations());
encryptor.setStringOutputType(configuration.stringOutputType());
- if (StringUtils.isNotBlank(configuration.providerName())) {
- encryptor.setProviderName(configuration.providerName());
+ if (StringUtils.isNotBlank(configuration.securityProviderName())) {
+ encryptor.setProviderName(configuration.securityProviderName());
}
- final Provider provider = this.provider;
+ final Provider provider = this.securityProvider;
if (Objects.nonNull(provider)) {
encryptor.setProvider(provider);
}
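Review bot: Nothing here says which setting wins when a Security Provider name is configured and a `Provider` service is also bound: the code calls `setProviderName(...)` and then `setProvider(provider)` on the same encryptor. Jasypt's documentation, as I recall it, says the `Provider` object takes precedence and the name is then ignored, which should be confirmed for the version in use. If so, an operator who sets a name can end up on a different provider with no sign of it. I would add a comment above the second `if`, `// a bound Provider service overrides securityProviderName; Jasypt ignores the name when both are set`, and consider logging when both are present. The enclosing method starts and ends outside the hunk.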
diff --git a/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptStandardPBEStringCryptoServiceConfiguration.java b/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptStandardPBEStringCryptoServiceConfiguration.java
index 9968645..37f020a 100644
--- a/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptStandardPBEStringCryptoServiceConfiguration.java
+++ b/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptStandardPBEStringCryptoServiceConfiguration.java
@@ -28,7 +28,7 @@ import static org.jasypt.encryption.pbe.StandardPBEByteEncryptor.DEFAULT_KEY_OBT
@ObjectClassDefinition(
name = "Apache Sling Commons Crypto “Jasypt Standard PBE String Crypto Service”",
- description = "TODO"
+ description = "Crypto service which uses Jasypt StandardPBEStringEncryptor for encryption and decryption"
)
@interface JasyptStandardPBEStringCryptoServiceConfiguration {
@@ -40,7 +40,7 @@ import static org.jasypt.encryption.pbe.StandardPBEByteEncryptor.DEFAULT_KEY_OBT
@AttributeDefinition(
name = "Algorithm",
- description = "TODO"
+ description = "crypto algorithm"
)
String algorithm() default "PBEWITHHMACSHA512ANDAES_256";
@@ -51,14 +51,14 @@ import static org.jasypt.encryption.pbe.StandardPBEByteEncryptor.DEFAULT_KEY_OBT
int keyObtentionIterations() default DEFAULT_KEY_OBTENTION_ITERATIONS;
@AttributeDefinition(
- name = "Provider Name",
- description = "TODO"
+ name = "Security Provider Name",
+ description = "name of the Security Provider"
)
- String providerName();
+ String securityProviderName();
@AttributeDefinition(
name = "String Output Type",
- description = "TODO",
+ description = "encoding format of the encrypted string output",
options = {
@Option(label = "Base16 (hexadecimal)", value = STRING_OUTPUT_TYPE_HEXADECIMAL),
@Option(label = "Base64", value = STRING_OUTPUT_TYPE_BASE64)
@@ -67,27 +67,27 @@ import static org.jasypt.encryption.pbe.StandardPBEByteEncryptor.DEFAULT_KEY_OBT
String stringOutputType() default STRING_OUTPUT_TYPE_BASE64;
@AttributeDefinition(
- name = "Provider Name",
- description = "TODO"
+ name = "Password Provider Target",
+ description = "filter expression to target a Password Provider"
)
- String passwordProvider_target();
+ String passwordProvider_target() default "*";
@AttributeDefinition(
- name = "Provider Name",
+ name = "Security Provider Target",
description = "filter expression to target a Security Provider"
)
- String provider_target();
+ String securityProvider_target() default "*";
@AttributeDefinition(
name = "IV Generator Target",
description = "filter expression to target an IV Generator"
)
- String ivGenerator_target();
+ String ivGenerator_target() default "*";
@AttributeDefinition(
- name = "Provider Name",
+ name = "Salt Generator Target",
description = "filter expression to target a Salt Generator"
)
- String saltGenerator_target();
+ String saltGenerator_target() default "*";
}
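Review bot: The new `default "*"` on `passwordProvider_target`, `securityProvider_target`, `ivGenerator_target` and `saltGenerator_target` is not an LDAP filter expression, although the descriptions say these properties hold one. If this annotation is used as the component's configuration type, the default becomes the reference's `.target` property. A DS runtime may then treat the unparsable value as a filter that never matches (Apache Felix SCR does this, if I recall correctly), leaving the password provider and security provider references unbound until every target is set by hand. If the intent is "accept any service of that type", either drop the default or use a valid expression such as `String passwordProvider_target() default "(objectClass=*)";`. Since these targets decide which service supplies the password and the JCA provider, the description should also recommend a narrowing filter for deployments that register more than one.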
diff --git a/src/test/java/org/apache/sling/commons/crypto/it/tests/CryptoTestSupport.java b/src/test/java/org/apache/sling/commons/crypto/it/tests/CryptoTestSupport.java
index 34a61f7..d77f586 100644
--- a/src/test/java/org/apache/sling/commons/crypto/it/tests/CryptoTestSupport.java
+++ b/src/test/java/org/apache/sling/commons/crypto/it/tests/CryptoTestSupport.java
@@ -36,7 +36,6 @@ public abstract class CryptoTestSupport extends TestSupport {
// Sling Commons Crypto
testBundle("bundle.filename"),
mavenBundle().groupId("org.apache.commons").artifactId("commons-lang3").versionAsInProject(),
- mavenBundle().groupId("org.apache.servicemix.bundles").artifactId("org.apache.servicemix.bundles.jasypt").versionAsInProject(),
scr(),
// testing
junitBundles(),
diff --git a/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptRandomIvGeneratorRegistrarConfiguration.java b/src/test/java/org/apache/sling/commons/crypto/it/tests/jasypt/JasyptCryptoTestSupport.java
similarity index 55%
copy from src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptRandomIvGeneratorRegistrarConfiguration.java
copy to src/test/java/org/apache/sling/commons/crypto/it/tests/jasypt/JasyptCryptoTestSupport.java
index 6483950..6500f80 100644
--- a/src/main/java/org/apache/sling/commons/crypto/jasypt/internal/JasyptRandomIvGeneratorRegistrarConfiguration.java
+++ b/src/test/java/org/apache/sling/commons/crypto/it/tests/jasypt/JasyptCryptoTestSupport.java
@@ -16,22 +16,21 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.apache.sling.commons.crypto.jasypt.internal;
+package org.apache.sling.commons.crypto.it.tests.jasypt;
-import org.jasypt.iv.RandomIvGenerator;
-import org.osgi.service.metatype.annotations.AttributeDefinition;
-import org.osgi.service.metatype.annotations.ObjectClassDefinition;
+import org.apache.sling.commons.crypto.it.tests.CryptoTestSupport;
+import org.ops4j.pax.exam.options.ModifiableCompositeOption;
-@ObjectClassDefinition(
- name = "Apache Sling Commons Crypto “Jasypt Random IV Generator Registrar”",
- description = "TODO"
-)
-@interface JasyptRandomIvGeneratorRegistrarConfiguration {
+import static org.ops4j.pax.exam.CoreOptions.composite;
+import static org.ops4j.pax.exam.CoreOptions.mavenBundle;
- @AttributeDefinition(
- name = "Algorithm",
- description = "secure random number generation algorithm"
- )
- String algorithm() default RandomIvGenerator.DEFAULT_SECURE_RANDOM_ALGORITHM;
+public abstract class JasyptCryptoTestSupport extends CryptoTestSupport {
+
+ public ModifiableCompositeOption baseConfiguration() {
+ return composite(
+ super.baseConfiguration(),
+ mavenBundle().groupId("org.apache.servicemix.bundles").artifactId("org.apache.servicemix.bundles.jasypt").versionAsInProject()
+ );
+ }
}
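Review bot: `baseConfiguration()` in the new `JasyptCryptoTestSupport` calls `super.baseConfiguration()`, so it overrides the inherited method, but it is declared without `@Override`. Adding `@Override` above `public ModifiableCompositeOption baseConfiguration() {` lets the compiler catch a later signature change in the parent class. Without it, such a change would silently stop this method from being used, and the Jasypt bundle would no longer be provisioned into the test container. A one-line Javadoc saying that this variant adds the optional Jasypt bundle to the base options would also help readers of the tests.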
diff --git a/src/test/java/org/apache/sling/commons/crypto/it/tests/jasypt/JasyptStandardPBEStringCryptoServiceIT.java b/src/test/java/org/apache/sling/commons/crypto/it/tests/jasypt/JasyptStandardPBEStringCryptoServiceIT.java
index ba44b92..52b1c59 100644
--- a/src/test/java/org/apache/sling/commons/crypto/it/tests/jasypt/JasyptStandardPBEStringCryptoServiceIT.java
+++ b/src/test/java/org/apache/sling/commons/crypto/it/tests/jasypt/JasyptStandardPBEStringCryptoServiceIT.java
@@ -21,7 +21,6 @@ package org.apache.sling.commons.crypto.it.tests.jasypt;
import javax.inject.Inject;
import org.apache.sling.commons.crypto.CryptoService;
-import org.apache.sling.commons.crypto.it.tests.CryptoTestSupport;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.ops4j.pax.exam.Configuration;
@@ -38,7 +37,7 @@ import static org.ops4j.pax.exam.cm.ConfigurationAdminOptions.factoryConfigurati
@RunWith(PaxExam.class)
@ExamReactorStrategy(PerClass.class)
-public class JasyptStandardPBEStringCryptoServiceIT extends CryptoTestSupport {
+public class JasyptStandardPBEStringCryptoServiceIT extends JasyptCryptoTestSupport {
@Inject
private CryptoService cryptoService;